How to use Deep Security agents with iptables

To avoid a firewall conflict, the Deep Security Agent (DSA) installation will disable iptables by default. In situations where the agent firewall feature is NOT used, refer to the steps below to prevent the installer from disabling iptables.

In order to leave iptables untouched by the agent, you must create an empty file with the following path prior to installing the agent:

  • /etc/use_dsa_with_iptables

If that file is present, the agent installer will not disable iptables.